South Denver Cardiology Associates
Data Breach


The Lyon Firm is actively involved in healthcare data breach lawsuits nationwide
Nationwide Success

Data Breach Lawyer

Investigating South Denver Cardiology data breach claims

The Lyon Firm is actively involved in healthcare privacy and data theft cases nationwide and is currently investigating claims on behalf of  South Denver Cardiology Associates data breach victims.

South Denver Cardiology Associates (SDCA) recently began sending out data breach notification letters after the company disclosed that a data security breach was detected on January 4.

A subsequent investigation determined that an unauthorized person accessed the South Denver Cardiology network between January 2, 2022 and January 5, 2022. Sensitive files stored on the system were accessed.

In a notice on their website, the Colorado practice notes that there was no impact on patient medical records and no unauthorized access to the patient portal.

According to the announcement, a total of 287,652 patients were notified. The notice did not say whether the leaked files were from current patients or both current or former patients.

Based on the South Denver Cardiology investigation, the unauthorized party may have accessed the following personal data:

  • Names
  • Contact information
  • Date of birth
  • Social Security number
  • Driver’s License number
  • Health insurance information

How Do Data Breaches Occur?

A data breach typically occurs in malware, phishing attacks or ransomware attacks when a hacker or cybercriminal gains access to sensitive personal information that has been collected and stored on a company’s servers. Hackers often target organizations with weak or outdated security practices.

Once the information is obtained, it can be sold to third parties to use in identity theft or other fraudulent data theft schemes. Victims of data breaches are at an increased risk of identity theft and financial losses.

If you have received a letter from  about a recent data breach, contact a class action privacy attorney.

Class Action Data Breach Lawsuits

Data Theft Lawyers believe companies who collect and store personal data have an ethical and legal duty to protect it to prevent data theft. Creating a proper network security system is expensive, however, and many medical facilities attempt to bypass these necessary costs. If a hospital or medical facility fails to protect consumers’ and patients’ sensitive information, and a data breach occurs, they may be held liable.

The Lyon Firm encourages all potentially affected individuals in the  security breach to act quickly and remain vigilant against potential medical identity theft and fraud by reviewing account statements, medical bills and credit reports. Contact a privacy attorney to review your data breach case.

Companies have a duty to engage in the following system security measures:

  • Properly monitor data security systems for existing intrusions
  • Ensure that vendors with access to computer systems and data employ reasonable security procedures
  • Train employees in the proper handling of emails containing PII and PHI and maintain adequate email security practices
  • Implement technical policies and procedures to allow electronic PHI access only to individuals or software programs granted access rights
  • Implement procedures to review records of information system activity regularly, such as audit logs, access reports and security incident tracking reports
  • Protect against reasonably anticipated threats or hazards to the security or integrity of electronic PHI

The Lyon Firm is investigating the South Denver Cardiology  data breach and is actively involved in numerous medical malpractice and data privacy cases and has experience filing data security claims on behalf of plaintiffs nationwide.

Protect Yourself After the South Denver Cardiology Data Breach

After your data is stolen, you may always be at risk for future identity theft and fraud. But, you can protect yourself with identity theft coverage and subscribing to an ID Theft Recovery service.

It’s important to stay alert and watch for signs of illegal activity that uses your accounts. If you happen to see unusual activity, take the appropriate actions described above to help protect yourself. If you want more information on what to do when a data breach impacts you, call The Lyon Firm or visit the FTC identity theft website.

Remember that you are not the only victim of a data breach. There are millions of Americans who suffer from data privacy events, many of whom seek legal action for compensation and to hold companies accountable for negligent security systems.

If you want more information on current healthcare data breach litigation and how to file a data theft class action lawsuit, contact The Lyon Firm for a free South Denver Cardiology data breach case review.

Healthcare Security Breach 

The rise of healthcare hacks have left millions of patients vulnerable to stolen medical records and identity theft. The vast majority of hospitals and health insurance companies have reported medical record data breaches, and although it is unknown what can be done with medical data, patient’s financial data and personal information can easily be used in nefarious ways.

With the rise of electronic medical data storage in place of old paper files, there are more and more instances of healthcare related security breach incidents and subsequent class action lawsuits.

Can I Join the South Denver Cardiology Class Action?

An experienced class action attorney can determine if you are eligible to file a data breach lawsuit or join a class of plaintiffs. A lawyer can assist in determining the following:

  • Did South Denver Cardiology Associates fail to adopt security safeguards that would have prevented a data breach?
  • Did South Denver Cardiology notify customers as soon as it learned of the data breach?
  • Did South Denver Cardiology provide a complete list of all individuals affected by the data breach?
  • Did South Denver Cardiology provide security in line with industry standards?

CONTACT THE LYON FIRM TODAY

Please complete the form below for a FREE consultation.

ABOUT THE LYON FIRM

Joseph Lyon has 17 years of experience representing individuals in complex litigation matters. He has represented individuals in every state against many of the largest companies in the world.

The Firm focuses on single-event civil cases and class actions involving corporate neglect & fraud, toxic exposure, product defects & recalls, medical malpractice, and invasion of privacy.

NO COST UNLESS WE WIN

The Firm offers contingency fees, advancing all costs of the litigation, and accepting the full financial risk, allowing our clients full access to the legal system while reducing the financial stress while they focus on their healthcare and financial needs.

photo of data breach attorney Joe Lyon
Compensation for Victims

Why are Data Breach Cases important?

Without data breach class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.

Holding companies accountable for poor cybersecurity and data theft incidents helps ensure that consumers are better protected in the future. 

CONTACT THE LYON FIRM TODAY

Questions About Data Breach Lawsuits

What to do if you are a victim of a data breach
  1. Get confirmation of the data breach and collect as many details about the incident as possible. 
  2. Contact an attorney to investigate the complex litigation involved in security breach lawsuits. 
  3. Try to find out what information was exposed and protect yourself as much as possible. 
  4. Talk to an attorney before accepting any settlement direct from a company. 
  5. Monitor your accounts and personal information closely. 
Can I get compensation for a data breach?

Yes, in most cases. However, each case is different, but some recent lawsuits have proven to be quite valuable. In one data breach suit, Ohio Attorney General and attorneys general in other states obtained a $17.5 million settlement against The Home Depot due to a data breach in 2014. The settlement resolves a multistate data breach which exposed the payment card information of approximately 40 million Home Depot consumers.

The Home Depot data breach made vulnerable the company’s self-checkout point-of-sale system. In addition to the $17.5 million settlement, The Home Depot has agreed to improve network security and maintain data security practices in order to strengthen its data security program and protect the personal information of consumers.

Who is liable for a data breach?

Under current privacy law the firm or organization that is storing user data are responsible for data breaches and will pay any fines or damages that are the result of legal action. The actual data holder—an organization that provides cloud storage—is not usually legally implicated or held responsible in litigation. 

How do data breaches occur?

The majority of data breach incidents are accidental, and not actually hacking events. Outside threats do pose personal data risks for consumers, though the bigger risk is the internal security and cloud-based data network. Some common ways data can be compromised include:

  • Exposing data in code banks
  • Leaking data from misconfigured data buckets
  • Expired security certificates
  • Storing data with unsecured third party vendors
  • Relaxed email security standards

 

Is my personal health data protected?

Privacy laws are meant to protect patients’ personal health data, and when institutions fail to protect personal data they may be sued for damages. In recent years much health data has been leaked and stolen, causing significant damages to plaintiffs who have have taken legal action

In a recent case the American Medical Collection Agency (AMCA) settled with nearly 21 million people in 40 states and Washington D.C. concerning a data breach that may have exposed their personal information. The breach, which occurred in 2018, lasted nearly a year until official notice of the intrusion.

An unauthorized user gained access to the AMCA internal data system and collected the personal information, including Social Security numbers, financial information, and personal health information, such as medical tests and diagnostic codes.

Quest Diagnostics was alerted that the hack exposed the personal medical data of 11.9 million of its patients. LabCorp had 7.7 million patients exposed. A number of class action lawsuits were filed throughout the country, alleging negligence, breach of contract, and a variety privacy violations concerning data security.

What is a Class Action Lawsuit?

A Class Action is a lawsuit brought by an individual on behalf of all other similarly situated individuals. Rule 23 of the Federal and State Rules of Civil Procedure allows for Class Action lawsuits to resolve disputes in an efficient format.

Class Actions are typically filed when the amount of money in dispute for a single plaintiff would not justify litigating the case, but where the amount of damages of the entire class of Plaintiffs would justify the cost of litigation. Without class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.

What are class action requirements?

In order for a case to be certified as a Class Action, the Court must determine that the case is appropriate for class action treatment under Rule 23. There are different elements depending on whether the case is seeking monetary or injunctive relief. In general, the Court must find the following elements are satisfied:

  • Numerosity: The proposed class must be so numerous that simply joining the individual plaintiffs would be impractical. Generally, the class size should exceed 100 individuals.
  • Common Questions of Law or Fact: The facts and/or legal questions in the dispute must be common to all class members. This does not mean all facts or issues must be identical, but the primary facts and law that will determine the issue in dispute must be common among all class members.
  • Typicality: The named Plaintiff in the case must have the same facts and legal issues as the class they are proposing to represent. If the Plaintiff’s individual case involves issues of fact or law unique to that Plaintiff and are irrelevant to the ultimate issue, class certification may be denied by the Court.
  • Plaintiff/Counsel Adequately Represents the Class: The Court must find that the Plaintiff and Plaintiff’s Counsel are competent and will protect the class’ interests.
  • Predominance: Common questions of fact predominate over individual facts.
  • Superiority: The Class Action is a more efficient and fair means of resolving the dispute. The Court will look at the following factors when making this determination: (1) Class Member interest in maintaining a separate action; (2) the extent of any litigation already begun by other class members; (3) desirability or undesirability of litigating the case in a particular Court ; (4) difficulties in managing the class.
protect your personal data

What should you do following a data breach?

Have you received a data breach notification letter indicating your personal  information may have been compromised? Following a data breach incident, victims should consider talking to a legal expert, and move quickly to take the following steps to help prevent identity theft and fraud:

  • Confirm the data breach by contacting the “breached” company
  • Learn exactly what kind of personal data was compromised
  • Monitor your accounts for fraudulent activity
  • Change your logins and passwords
  • Keep a detailed record of suspicious activity
  • Contact your bank and cancel credit cards if they have been leaked
  • Stay alert for signs of future identity theft
  • Sign up for a credit monitoring service
data breach lawsuits

© The Lyon Firm. ALL RIGHTS RESERVED